What are levels of disassociation?
We see market confusion when companies request or offer “non-attribution” of infrastructure. We have started socializing the idea that we need to classify levels of disassociation in relation to your origin point.
Level 0 = You or Origin connection
Level 1 = DOD affiliated contracting company
Level 2 = DOD affiliated contracting company to non-DOD affiliated company
Level 3 = DOD affiliated contracting company to Tor to non-DOD affiliated company
Strengths/Weaknesses of well-known redirection services
TorStrengths: low barrier to entry, ease of use, possible to restrict originating country of requests.
WeaknessDoes not provide assurance of encrypted requests, does not guarantee delivery to intended end-point to due to proxy nature, does not guarantee speed and/or ability to maintain long-term sustained collection of desired materials.
Tor+VPNStrengths: basic non-attribution when combined with strategic acquisition process.
WeaknessSpeed and long-term sustained communications is not possible to ensure.
VPNStrengths: fast and reduced attribution to originator. Partial non-attribution when combined with strategic acquisition process.
WeaknessDoes not provide ability to quickly change IP space when VPN provider is identified. Does not protect against tampering from VPN providers that may become curious to current or future activities.
Cloud RedirectorsStrengths: best value performance, scalability anywhere.
WeaknessProvides disassociation up to contracting company vs attribution to DoD.
Mature Red Teams, law enforcement and government customers that would rather focus on mission and not infrastructure.
Simple, you can do this also. We addressed over 30 pain points in the 6 years operating and maturing this offering. It may take you less time to use our service as opposed to attempting this yourself. This service is also for professionals that value time to market and usability.
No. Only hybrid deployments utilize a VPN to connect your existing infrastructure to Kleared4.
Of course, we have an Early Adopter plan during local events for $1. You should sign up next time we are in town
No, this is a Cloud-Bursting platform that provides infrastructure on demand. It has bastion like properties but is not a bastion.
- Single management plane to observe usage and costs across all users.
- Single management plane to request resources from AWS and Azure.
- KLEARED4 provides GUI access over a web browser without a VPN, browser plugins or Remote Desktop and any additional applications.
- KLEARED4 is pre-configured to allow you to disassociate yourself up to 4 levels away from your origin connection.
- No licensing costs and better user-experience.
- No hardware costs..
- Scales on-demand without additional configurations.
- Better throughput and lower network congestion.
- No staffing or support costs, we maintain infrastructure for you.
With KLEARED4, you can architect and managed simple to complex environments from a single management interface across multiple cloud-providers. Our infrastructure was designed for security professionals that needed access to resources on the web for research and development. Our instances are accessible over HTML5 and are curated by our staff to ensure they are functional and ready to use on-demand. We also provide a disassociated element to improve sustained research over long periods. The infrastructure is simple to destroy and redeploy as needed. KLEARED4 also offers a hybrid-range solution to facilitate baremetal malware research and access to an IoT lab for research, providers like Digital Ocean are not currently attempting to market research labs such as KLEARED4 and instead provide affordable cloud resources for developers and companies to utilize.
- $125,000 of cloud usage credits of Kleared4 credits; redeemable for:
- AWS/Azure for consumption over one-year.
- On-demand purchase of software licenses at market price.
- On-demand purchase of hardware and peripherals at market price.
Basic engineering troubleshooting and support over email with 24 hour response window.
The funds generated from sales cover infrastructure costs and funds to pay our engineers, R&D and DevOps staff to make Kleared4 better and more affordable over time.
Red Teams/SOC/Cyber Ranges
We do not make training scenarios; you would have to make or import existing scenarios into the range.
We would like to better understand your use cases, you would be surprised.
All cloud-providers KLEARED4 are FEDRAMP compliant and the shared-responsibility model applies to a cloud deployment of KLEARED4. A hybrid or on-prem deployment of KLEARED4 would not be FedRAMP certified.
KLEARED4 can elastically scale on-demand based on resource projections and actual use. We use metrics in unison with cloud technology to scale up and down based on project needs. The scalability is dependent on which desired attribution level is used.
You need diversity and we strongly urge the use of KLEARED4 to gain best-value OPEX vs up-front CAPEX in comparison to other vendor solutions, which can become burned over its use and longevity of a contract. The use of KLEARED4 could generally cost less than the purchase of a dedicated server over a period of one year.
Security for nodes used for redirection and disassociation is provided by standardized configuration hardening from STIG or similar DOD vetted configuration baselines in conjunction with built-in encryption end to end from tunneling services used to request, process and collect data. None of the redirection nodes are accessible or visible within the public internet since we control ingress and egress point from a centralized management platform. Since none of the nodes run services, we have dedicated time within our CI/CD process to simplify aggregate all information collected into a reusable process where health checks are continuously running across all nodes. When nodes become degraded, our system will simply destroy the node and retasks incomplete workflows into another instance.
By keeping full accountability of actions with full network capture information such as NetFlows, pcap’s and similar log information in conjunction the video recordings of all operator and user activity during use, configuration and maintenance of all systems.